Microsoft and NSA face off over cyber attack

19 Mai 2017

There's Microsoft, whose ubiquitous Windows operating systems were compromised after attackers exploited a security hole. The group, quiet since August, returned Tuesday with a warning for the National Security Agency and the rest of the world: There are going to be more leaked tools. Computer Emergency Response Team of India (CERT-In), the nodal agency to tackle hacking phishing, and secure defences of the Indian internet domain, issued a red-coloured critical alert on Saturday to all organizations, asking them to take necessary precautionary measures against the malware.

"You can point a lot of fingers, but I think given that this was not a zero-day vulnerability (for which no patch is available), the people hacked are to blame", said Robert Cattanach, a partner at the global law firm Dorsey & Whitney and an expert on cybersecurity and data breaches. "Microsoft can't be proud".

Vu Ngoc Son, deputy head of the anti-malware department of Bkav Corporation, the largest internet security firm in Vietnam, said that the WannaCry ransomware's behaviour is "not new", but he believes that the use of this ransomware will not really ease up as "it can directly earn large profits for hackers". "Yet, when a serious vulnerability is discovered in software, many companies respond slowly or say it's not their problem". Still, he said, Microsoft should accept some responsibility.

"They can't pay anywhere close to the mark", Dillon said. (These are the most important patches that the company recommends users install immediately.) That could saddle the company with the XP albatross for many years past when it hoped to be free from having to maintain the software.

As ransomware attacks multiply and grow in seriousness, it is worth reviewing how companies can prepare for and protect themselves against this significant threat.

When Microsoft sells software it does so through a licensing agreement that states the company is not liable for any security breaches, said Michael Scott, a professor at Southwestern Law School.

The problem comes with using old versions of Windows or not taking the update patches that Microsoft puts out.

The company on Friday said it had added additional protection against the specific malware, and was working with affected customers.

When a user does not have any control over the programme that she is running, the program controls the user.

"It's not rocket science", Litan said.

That's what led to such strong warnings being issued by security experts: Chris Camacho of New York's Flashpoint said, "When people ask what keeps you up at night, it's this"; Rohy Belani of email security company PhishMe said, "This is nearly like the atom bomb of ransomware".

"We encourage all Dedicated and VPS customers to ensure they have antivirus software; a data backup solution; and regularly update all software, including the operating system, on a regular schedule", Raven concluded.

Microsoft had released in March a patch to fix the flaw exploited this week, but many computers, particularly older systems or devices that hadn't been updated, remained vulnerable.

"We believe the recent ransomware attack could accelerate the Windows upgrade cycle for enterprises, which would drive further upside to Office 365 Commercial MAUs [monthly active users] beyond what is now factored into our estimates", he added. The hackers behind WannaCry only accept ransom paid via BitCoin, a digital currency that ensures that the transaction can not be traced.